Silk Road forums
Discussion => Security => Topic started by: iLegalBusinessConsultant on April 23, 2013, 05:46 am
-
Do you think skype video chats and google video chats are recorded and archived by the company?
-
I believe this has been discussed, and the general consensus is, yes.
Dont take that to the bank just yet though, hit the search box.
-
Do you think skype video chats and google video chats are recorded and archived by the company?
Skype is owned by Microsoft now. Both of these companies extensively archive your data for potential profits by selling your interests to marketers. Combine this with the US overuse of NSLs and the answer is a resounding yes.
-
For instant messaging you should only be using OTR (off the record messaging). Google for more info.
For calls you shouldn't be using Skype or Google, you should be using a encrypted VOIP alternative that is P2P and open source: Jitsi fits the bill.
I should write a tutorial on how to setup these easily or something, it seems like this is a general problem. The solutions exist, but hardly anybody is using them (unlike PGP, which has greater adoption).
I still don't recommend anybody actually use OTR and encrypted VOIP for serious business. You should use only PGP for that, it has proven itself.
-
I wasn't so much concerned about security with the recording of skype and google chat or VOIP as I wasn't using these services while on TOR. I just feel like sometimes I talk about a topic, something mundane non-criminal, on google IM or google chat, I invariably will start getting targeted ads on that topic. Like the old saying, free is never free. I'm sure google is somehow picking up certain things from the google hangout service and using it to send stupid ads at me. Not a big deal...for now. Thanks for the responses. I'll be looking forward to reading your tutorial on OTR and Jitsi, Pine.
-
Let's just say that Skype has fallen out of favor with the people using it for iLegalBusiness lol. It wouldn't surprise me if google used voice recognition software to look for ad keywords either.
It's been said before but I'll say it again... OTR FTW :)
-
For instant messaging you should only be using OTR (off the record messaging). Google for more info.
For calls you shouldn't be using Skype or Google, you should be using a encrypted VOIP alternative that is P2P and open source: Jitsi fits the bill.
I should write a tutorial on how to setup these easily or something, it seems like this is a general problem. The solutions exist, but hardly anybody is using them (unlike PGP, which has greater adoption).
I still don't recommend anybody actually use OTR and encrypted VOIP for serious business. You should use only PGP for that, it has proven itself.
I have read about Jitsi and it seems like an excellent VOIP solution but the Debian packing left a lot to be desired last I looked at it, so I ended up losing interest.
Have you ever looked into mumble as a hidden service with TLS and OCB-AES128? I read about it from a link of astor's in another thread. I was able to get a server and client configured and working, but as expected there were some latency issues.
-
Have you ever looked into mumble as a hidden service with TLS and OCB-AES128? I read about it from a link of astor's in another thread. I was able to get a server and client configured and working, but as expected there were some latency issues.
So you got it working over Tor? Pretty cool. I say the more hidden services, and the wider the variety, the better.
BTW, you don't need TLS encryption for a hidden service, since the connection is end-to-end encrypted with AES-128 (1-3 layers) by the Tor clients, but I suppose it doesn't hurt.
-
I have read about Jitsi and it seems like an excellent VOIP solution but the Debian packing left a lot to be desired last I looked at it, so I ended up losing interest.
I know, it is good, but there are certainly teething problems. Hopefully it'll get better with time.
Have you ever looked into mumble as a hidden service with TLS and OCB-AES128? I read about it from a link of astor's in another thread. I was able to get a server and client configured and working, but as expected there were some latency issues.
No, I'll look into it, thanks.
-
So you got it working over Tor? Pretty cool. I say the more hidden services, and the wider the variety, the better.
BTW, you don't need TLS encryption for a hidden service, since the connection is end-to-end encrypted with AES-128 (1-3 layers) by the Tor clients, but I suppose it doesn't hurt.
Yes. I was able to connect from my Tails USB mumble client to the mumble server hidden service. I know I don't need the TLS, but I figured it couldn't hurt like you said. Only downside is like I posted, latency. And I only tested with 3 clients connected simultaneously. I assume this problem would grow exponentially with number of users.
I know, it is good, but there are certainly teething problems. Hopefully it'll get better with time.
It looks like it's headed in the right direction, I will keep an eye on it's development.
No, I'll look into it, thanks.
Please let me know what you think if you don't mind. I am decent when it comes to security and I would like more skilled eyes than mine to look at the security of such a setup.